voc/win_ansible_role_rdp
1
0
Fork 0
Code Issues Pull requests Releases Packages Activity
win_ansible_role_rdp/tasks/main.yml
L3D 04e6d2d4c8
update voc
2022-12-30 01:52:49 +01:00

44 lines
1.6 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
- name: Create dir .ansible\status
ansible.windows.win_powershell:
script: '[System.IO.Directory]::CreateDirectory(".ansible\status")'
creates: '.ansible\status'
register: _a
- name: Create dir .ansible\status
ansible.windows.win_powershell:
script: 'attrib +h .ansible'
changed_when: _a.changed
- name: Touch a file (creates if not present, updates modification time if present)
ansible.windows.win_copy:
dest: .ansible\status\rdp.txt
content: 'Ansible opened RDP on this host'
register: _a
# https://exchangepedia.com/2016/10/enable-remote-desktop-rdp-connections-for-admins-on-windows-server-2016.html
- name: Enable Remote Desktop connections
ansible.windows.win_powershell:
script: 'Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\ -Name “fDenyTSConnections” -Value 0'
changed_when: _a.changed
- name: Enable Network Level Authentication
ansible.windows.win_powershell:
script: 'Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\ -Name “UserAuthentication” -Value 1'
changed_when: _a.changed
- name: Firewall rule to allow RDP on TCP port 3389
community.windows.win_firewall_rule:
name: Remote Desktop
localport: 3389
action: allow
direction: in
protocol: tcp
profiles: private
state: present
enabled: true
- name: "Allow RDP for User {{ win__special_rdp_user }}"
ansible.windows.win_powershell:
script: 'Add-LocalGroupMember -Group "Remote Desktop Users" -Member {{ win__special_rdp_user }}'
when: win__allow_special_rdp_user | bool
Reference in a new issue View git blame Copy permalink